Smart Gujarat Hackathon 2017
Challenge Statement
Name of the Department: Energy &
Petroleum Department - GUVNL
Challenge Title |
: |
Non Disturbing Hacking of GETCO
website, showing security loopholes and roadmap for correction. |
Challenge Description with context |
: |
Students
will try to get access to the GETCO webserver and various application are
hosted on GETCO server. Instructions
: ·
Students are
allowed only try to access the server ·
Success or
failure will be demonstrated to the judges with the logics, steps, tools and
technique/process. ·
GETCO IT and
Security team will strictly monitor the process. ·
Students will
provide as much as details about servers and server platforms. ·
Proof of Access
should be provided (on request) Only
URL Links will be provided as a challenge resource (as under) Warning : ·
Students will
not make any change (in any case). ·
Judges may ask
to put certain data/files to successful candidates as a Proof of Access,
until no files/data will be uploaded by the students. HACK : White
Hat Hack (here), Don’t be notty, Notties will be in jail…!!! Government websites are always soft target of
hackers. Both the success and failure will teach new lessons to all of
us |
What Exact Problem is being Solved? |
: |
Imagine that all the services are hosted on single
server. The server might be behind Hardware and/or
software firewall. |
Users |
: |
Server manager Site manager IT/Network/Security managers |
Expected Outcomes |
: |
|
Impact |
: |
Student : as an ethical hacker GETCO IT/security TEAM: first line to last line
defence |